From 958213b6cb3b38e412341fa8d3947242ac14dad9 Mon Sep 17 00:00:00 2001
From: hitchhooker <tommi@niemi.lol>
Date: Mon, 5 Feb 2024 12:18:16 +0700
Subject: [PATCH] update acl to target correctly

---
 roles/proxmox_acl_access/tasks/main.yaml  |  2 +-
 roles/proxmox_acl_users/tasks/main.yaml   |  2 +-
 roles/proxmox_setup_nodes/tasks/main.yaml | 50 +++++++++++++++++++++--
 3 files changed, 48 insertions(+), 6 deletions(-)

diff --git a/roles/proxmox_acl_access/tasks/main.yaml b/roles/proxmox_acl_access/tasks/main.yaml
index ea45125..50e4679 100644
--- a/roles/proxmox_acl_access/tasks/main.yaml
+++ b/roles/proxmox_acl_access/tasks/main.yaml
@@ -6,7 +6,7 @@
 
 - name: Set primary node and is_cluster fact
   ansible.builtin.set_fact:
-    primary_node: "{{ cluster_config.stat.exists | ternary(groups['all'][0], inventory_hostname) }}"
+    primary_node: "{{ cluster_config.stat.exists | ternary(groups['proxmox_hosts'][0], inventory_hostname) }}"
     is_cluster: "{{ cluster_config.stat.exists }}"
 
 - name: Acquire acl lists
diff --git a/roles/proxmox_acl_users/tasks/main.yaml b/roles/proxmox_acl_users/tasks/main.yaml
index 425ce4b..2166cb8 100644
--- a/roles/proxmox_acl_users/tasks/main.yaml
+++ b/roles/proxmox_acl_users/tasks/main.yaml
@@ -6,7 +6,7 @@
 
 - name: Set primary node and is_cluster fact
   ansible.builtin.set_fact:
-    primary_node: "{{ cluster_config.stat.exists | ternary(groups['all'][0], inventory_hostname) }}"
+    primary_node: "{{ cluster_config.stat.exists | ternary(groups['proxmox_hosts'][0], inventory_hostname) }}"
     is_cluster: "{{ cluster_config.stat.exists }}"
 
 - name: Acquire current users on primary node
diff --git a/roles/proxmox_setup_nodes/tasks/main.yaml b/roles/proxmox_setup_nodes/tasks/main.yaml
index 56fcbf4..b5e8572 100644
--- a/roles/proxmox_setup_nodes/tasks/main.yaml
+++ b/roles/proxmox_setup_nodes/tasks/main.yaml
@@ -2,16 +2,58 @@
 ---
 - name: Create predefined containers
   community.general.proxmox:
-    config: "{{ proxmox_defaults | combine(item.proxmox_config) }}"
+    api_host: "{{ proxmox_defaults.api_host }}"
+    api_user: "{{ proxmox_defaults.api_user }}"
+    api_password: "{{ proxmox_defaults.api_password | default(omit) }}"
+    api_token_id: "{{ proxmox_defaults.api_token_id | default(omit) }}"
+    api_token_secret: "{{ proxmox_defaults.api_token_secret | default(omit) }}"
+    node: "{{ item.proxmox_config.node }}"
+    password: "{{ item.proxmox_config.password }}"
+    hostname: "{{ item.proxmox_config.hostname }}"
+    ostemplate: "{{ item.proxmox_config.ostemplate }}"
+    disk: "{{ item.proxmox_config.disk | default(omit) }}"
+    cores: "{{ item.proxmox_config.cores | default(omit) }}"
+    memory: "{{ item.proxmox_config.memory | default(omit) }}"
+    swap: "{{ item.proxmox_config.swap | default(omit) }}"
+    netif: "{{ item.proxmox_config.netif | default(omit) }}"
+    features: "{{ item.proxmox_config.features | to_json | default(omit) }}"
+    onboot: "{{ item.proxmox_config.onboot | default(omit) }}"
+    unprivileged: "{{ item.proxmox_config.unprivileged | default(omit) }}"
+    vmid: "{{ item.proxmox_config.vmid }}"
+    state: "{{ item.proxmox_config.state | default('present') }}"
   loop: "{{ lxc_nodes }}"
   when: lxc_nodes is defined
   register: container_creation_result
+  no_log: True # Adjust based on your security policies
 
-- name: Start predefined nodes
+- name: Start predefined nodes if not already started
   community.general.proxmox:
-    config: "{{ proxmox_defaults | combine({'vmid': item.proxmox_config['vmid'], 'state': 'started'}) }}"
+    api_host: "{{ proxmox_defaults.api_host }}"
+    api_user: "{{ proxmox_defaults.api_user }}"
+    api_password: "{{ proxmox_defaults.api_password | default(omit) }}"
+    api_token_id: "{{ proxmox_defaults.api_token_id | default(omit) }}"
+    api_token_secret: "{{ proxmox_defaults.api_token_secret | default(omit) }}"
+    node: "{{ item.proxmox_config.node }}"
+    vmid: "{{ item.proxmox_config.vmid }}"
+    state: 'started'
   loop: "{{ lxc_nodes }}"
   when:
     - lxc_nodes is defined
-    - item.proxmox_config['state'] == 'present'
+    - item.proxmox_config.state == 'present'
   register: container_start_result
+  no_log: True # Adjust based on your security policies
+
+  # - name: Create predefined containers
+  #   community.general.proxmox: "{{ proxmox_defaults | combine(item.proxmox_config) }}"
+  #   loop: "{{ lxc_nodes }}"
+  #   when: lxc_nodes is defined
+  #   register: container_creation_result
+  #
+  # - name: Start predefined nodes
+  #   community.general.proxmox: "{{ proxmox_defaults | combine({'vmid': item.proxmox_config['vmid'], 'state': 'started'}) }}"
+  #   loop: "{{ lxc_nodes }}"
+  #   when:
+  #     - lxc_nodes is defined
+  #     - item.proxmox_config['state'] == 'present'
+  #   register: container_start_result
+